[[0;32m  OK  [0m] Reached target Login Prompts.
[[0;32m  OK  [0m] Reached target Multi-User System.
[[0;32m  OK  [0m] Reached target Graphical Interface.
         Starting Update UTMP about System Runlevel Changes...
[[0;32m  OK  [0m] Started Update UTMP about System Runlevel Changes.

Debian GNU/Linux 9 syzkaller ttyS0

Warning: Permanently added '10.128.1.0' (ECDSA) to the list of known hosts.
syzkaller login: [   33.883500] audit: type=1400 audit(1588710771.189:8): avc:  denied  { execmem } for  pid=6322 comm="syz-executor292" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1
[   34.144642] IPVS: ftp: loaded support on port[0] = 21
[   35.001790] chnl_net:caif_netlink_parms(): no params data found
[   35.105293] bridge0: port 1(bridge_slave_0) entered blocking state
[   35.111989] bridge0: port 1(bridge_slave_0) entered disabled state
[   35.119592] device bridge_slave_0 entered promiscuous mode
[   35.127292] bridge0: port 2(bridge_slave_1) entered blocking state
[   35.133780] bridge0: port 2(bridge_slave_1) entered disabled state
[   35.140699] device bridge_slave_1 entered promiscuous mode
[   35.158016] bond0: Enslaving bond_slave_0 as an active interface with an up link
[   35.166944] bond0: Enslaving bond_slave_1 as an active interface with an up link
[   35.185698] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[   35.192887] team0: Port device team_slave_0 added
[   35.198739] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[   35.206184] team0: Port device team_slave_1 added
[   35.221800] batman_adv: batadv0: Adding interface: batadv_slave_0
[   35.228499] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   35.254520] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   35.266137] batman_adv: batadv0: Adding interface: batadv_slave_1
[   35.272388] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   35.297762] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   35.308411] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[   35.316100] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[   35.386221] device hsr_slave_0 entered promiscuous mode
[   35.423230] device hsr_slave_1 entered promiscuous mode
[   35.463605] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready
[   35.470669] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready
[   35.537841] bridge0: port 2(bridge_slave_1) entered blocking state
[   35.544493] bridge0: port 2(bridge_slave_1) entered forwarding state
[   35.551532] bridge0: port 1(bridge_slave_0) entered blocking state
[   35.558115] bridge0: port 1(bridge_slave_0) entered forwarding state
[   35.590371] IPv6: ADDRCONF(NETDEV_UP): bond0: link is not ready
[   35.597336] 8021q: adding VLAN 0 to HW filter on device bond0
[   35.606012] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[   35.615684] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   35.635134] bridge0: port 1(bridge_slave_0) entered disabled state
[   35.642214] bridge0: port 2(bridge_slave_1) entered disabled state
[   35.652695] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready
[   35.660054] 8021q: adding VLAN 0 to HW filter on device team0
[   35.668761] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   35.676906] bridge0: port 1(bridge_slave_0) entered blocking state
[   35.683306] bridge0: port 1(bridge_slave_0) entered forwarding state
[   35.694094] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   35.701884] bridge0: port 2(bridge_slave_1) entered blocking state
[   35.708293] bridge0: port 2(bridge_slave_1) entered forwarding state
[   35.722656] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   35.732398] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   35.742096] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   35.753572] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   35.765005] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   35.775736] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready
[   35.781751] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   35.789822] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   35.803657] IPv6: ADDRCONF(NETDEV_UP): vxcan0: link is not ready
[   35.810949] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[   35.818004] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[   35.828373] 8021q: adding VLAN 0 to HW filter on device batadv0
[   35.884731] IPv6: ADDRCONF(NETDEV_UP): veth0_virt_wifi: link is not ready
[   35.894897] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   35.929126] IPv6: ADDRCONF(NETDEV_UP): veth0_vlan: link is not ready
[   35.936880] IPv6: ADDRCONF(NETDEV_UP): vlan0: link is not ready
[   35.944503] IPv6: ADDRCONF(NETDEV_UP): vlan1: link is not ready
[   35.954781] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   35.962212] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   35.971035] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   35.980467] device veth0_vlan entered promiscuous mode
[   35.989315] device veth1_vlan entered promiscuous mode
[   35.995727] IPv6: ADDRCONF(NETDEV_UP): macvlan0: link is not ready
[   36.004985] IPv6: ADDRCONF(NETDEV_UP): macvlan1: link is not ready
[   36.011502] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[   36.019667] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[   36.027874] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[   36.041115] IPv6: ADDRCONF(NETDEV_UP): veth0_macvtap: link is not ready
[   36.050305] IPv6: ADDRCONF(NETDEV_UP): veth1_macvtap: link is not ready
[   36.057276] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   36.065131] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   36.075585] device veth0_macvtap entered promiscuous mode
[   36.081660] IPv6: ADDRCONF(NETDEV_UP): macvtap0: link is not ready
[   36.090458] device veth1_macvtap entered promiscuous mode
[   36.096974] IPv6: ADDRCONF(NETDEV_UP): macsec0: link is not ready
[   36.106702] IPv6: ADDRCONF(NETDEV_UP): veth0_to_batadv: link is not ready
[   36.116471] IPv6: ADDRCONF(NETDEV_UP): veth1_to_batadv: link is not ready
[   36.126091] IPv6: ADDRCONF(NETDEV_UP): batadv_slave_0: link is not ready
[   36.133609] batman_adv: batadv0: Interface activated: batadv_slave_0
[   36.140645] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[   36.148302] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   36.155708] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   36.163557] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   36.174340] IPv6: ADDRCONF(NETDEV_UP): batadv_slave_1: link is not ready
[   36.181341] batman_adv: batadv0: Interface activated: batadv_slave_1
[   36.188955] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   36.197300] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
executing program
[   36.342659] BUG: spinlock recursion on CPU#1, syz-executor292/6323
[   36.349121]  lock: 0xffff888097c24868, .magic: dead4ead, .owner: syz-executor292/6323, .owner_cpu: 1
[   36.358446] CPU: 1 PID: 6323 Comm: syz-executor292 Not tainted 4.14.179-syzkaller #0
[   36.366445] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   36.376407] Call Trace:
[   36.379008]  dump_stack+0x13e/0x194
[   36.382637]  do_raw_spin_lock+0x1cd/0x230
[   36.386767]  dev_mc_sync+0x10b/0x1c0
[   36.390458]  ? vlan_dev_set_mac_address+0x5c0/0x5c0
[   36.395458]  vlan_dev_set_rx_mode+0x38/0x80
[   36.399767]  __dev_set_rx_mode+0x191/0x2a0
[   36.403980]  dev_uc_unsync+0x16c/0x1c0
[   36.407845]  bond_hw_addr_flush+0x5c/0xe0
[   36.411967]  ? bond_set_dev_addr.isra.0+0xb0/0xb0
[   36.416785]  bond_enslave+0x1e53/0x49e0
[   36.420736]  ? bond_update_slave_arr+0x6c0/0x6c0
[   36.425467]  ? rtmsg_ifinfo_event.part.0+0x9a/0xc0
[   36.430371]  ? rtmsg_ifinfo+0x64/0x80
[   36.434155]  ? __dev_notify_flags+0x110/0x210
[   36.438623]  ? dev_change_name+0x990/0x990
[   36.442829]  ? bond_update_slave_arr+0x6c0/0x6c0
[   36.447556]  do_set_master+0x19e/0x200
[   36.451517]  rtnl_newlink+0x1319/0x1720
[   36.455468]  ? trace_hardirqs_on+0x10/0x10
[   36.459711]  ? rtnl_link_unregister+0x1f0/0x1f0
[   36.464703]  ? lock_acquire+0x170/0x3f0
[   36.468660]  ? lock_acquire+0x170/0x3f0
[   36.472616]  ? rtnetlink_rcv_msg+0x31d/0xb10
[   36.477011]  ? __lock_is_held+0xad/0x140
[   36.481088]  ? lock_downgrade+0x6e0/0x6e0
[   36.485208]  ? rtnl_link_unregister+0x1f0/0x1f0
[   36.489848]  rtnetlink_rcv_msg+0x3be/0xb10
[   36.494084]  ? rtnl_bridge_getlink+0x7a0/0x7a0
[   36.498659]  ? netdev_pick_tx+0x2e0/0x2e0
[   36.502780]  ? skb_clone+0x11c/0x310
[   36.506496]  ? save_trace+0x290/0x290
[   36.510270]  netlink_rcv_skb+0x127/0x370
[   36.514324]  ? rtnl_bridge_getlink+0x7a0/0x7a0
[   36.518878]  ? netlink_ack+0x980/0x980
[   36.522741]  netlink_unicast+0x437/0x620
[   36.526777]  ? netlink_attachskb+0x600/0x600
[   36.531156]  netlink_sendmsg+0x733/0xbe0
[   36.535206]  ? netlink_unicast+0x620/0x620
[   36.539476]  ? SYSC_sendto+0x2b0/0x2b0
[   36.543386]  ? security_socket_sendmsg+0x83/0xb0
[   36.548309]  ? netlink_unicast+0x620/0x620
[   36.552516]  sock_sendmsg+0xc5/0x100
[   36.556306]  ___sys_sendmsg+0x70a/0x840
[   36.560263]  ? copy_msghdr_from_user+0x380/0x380
[   36.565023]  ? trace_hardirqs_on+0x10/0x10
[   36.569230]  ? save_trace+0x290/0x290
[   36.573003]  ? trace_hardirqs_on+0x10/0x10
[   36.577236]  ? find_held_lock+0x2d/0x110
[   36.581279]  ? __might_fault+0x104/0x1b0
[   36.585331]  ? lock_acquire+0x170/0x3f0
[   36.589440]  ? lock_downgrade+0x6e0/0x6e0
[   36.593589]  ? __might_fault+0x177/0x1b0
[   36.597624]  ? _copy_to_user+0x82/0xd0
[   36.601495]  ? __fget_light+0x16a/0x1f0
[   36.605452]  ? sockfd_lookup_light+0xb2/0x160
[   36.609943]  __sys_sendmsg+0xa3/0x120
[   36.613719]  ? SyS_shutdown+0x160/0x160
[   36.617670]  ? move_addr_to_kernel+0x60/0x60
[   36.622059]  SyS_sendmsg+0x27/0x40
[   36.625605]  ? __sys_sendmsg+0x120/0x120
[   36.629648]  do_syscall_64+0x1d5/0x640
[   36.633528]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[   36.638697] RIP: 0033:0x444159
[   36.641861] RSP: 002b:00007ffe1d1ae9a8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   36.649540] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 0000000000444159
[   36.656783] RDX: 0000000000000000 RSI: 0000000020000080 RDI: 0000000000000010
[   36.664026] RBP: 0000000001b60914 R08: 0000000000000003 R09: 0000000000000003
[   36.671267] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000013
[   36.678512] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000